On Fri, 27 Oct 2017 06:01, dan.ho...@redbone.co.nz said: > gpg2 --verify-sign <key-id> <filename>
Verification against a set of known keys is done using gpgv gpgv FILE which uses ~/.gnupg/trustedkeys.gpg. To specifiy another file with keys you use gpgv --keyring KEYRING FILE here is how we do this when building GnUPG using the Speedo scripts: if ! $GPGV --keyring "$distsigkey" swdb.lst.sig swdb.lst; then echo "list of software versions is not valid!" >&2 exit 1 fi This is from gnupg/build-aux/getswdb.sh. To create the file with the keys you can do this: gpg --export --export-options export-minimal FPR1 FPR2 FPR2 >trustedkeys.gpg Do _not_ use --armor. --export-options is not really required but strips down the size of the key. @Rob: Shouldn't we mention gpgv in the FAQ? Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgpqFduEBlmWG.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users